The week in security: Malware growth leaves Australian CIOs unprepared

CIOs may only have glimpses of the future of mobile security, but security firm Bitdefender believes one of the recurring issues will be the continued channelling of private information even from paid-for apps in the Android Play app store. That’s a more immediate but no less worrying threat than a targeted Android attack against Uyghur activists, discovered by Kaspersky Lab security analysts and reflective of a growing Android malware profile that’s being addressed by the release of tools like AVG’s free new ‘TuneUp’ app.

Tapping into skilled students’ hacking abilities has become an increasingly popular practice. Melbourne’s Deakin University and Sydney’s Macquarie University, for example, have partnered with Trend Micro to develop and test big-data analysis techniques to better understand the cybersecurity threats facing Australian companies. And the US National Security Agency has tried an interesting approach by pitting its top hackers against university-age security enthusiasts from three top-tier military academies. Whether or not their collective minds will be able to improve the detection of and response to sneaky malware like the new Win32/Nemim.gen!A – which hides key files to avoid detection and analysis – is yet to be seen.

Some security technologies are proving problematic all on their own, with around half of online shoppers often prevented from completing online purchases because they can’t get their security credentials to work. Maybe they need to look at brain-powered passwords, or simply find a better authentication provider in a field that’s become more powerful with the release of a white-label authentication solution for Australian service providers.

Some law-enforcement authorities were suggesting the Find My Mac feature of Apple’s OS X lacks enough information to enable legal recovery of the device, while analysis of a hack of supermarket chain Schnucks found it took the company two weeks to find out how credit and debit card information on up to 2.4 million customers had been compromised.

Another analysis found malware that’s targeting online share trading software, while a new variant of the Gozi banking Trojan infects a computer’s Master Boot Record (MBR) to confound its removal. Aiming to confound malware targeted at financial-services targets, a Cambridge University spinoff has developed a new form of protection against ‘man-in-the-browser’ Trojan attacks, with a mobile device-based visual image security system to improve authentication.

In this and other cases it’s important to keep an open mind: many companies are in denial about the insider threat to data security, a new survey said, with nearly half of UK employers trusting their workers not to steal company information. But you don’t have to be a big business to get compromised: a Symantec study found that cyber-criminals are increasingly targeting vulnerable small businesses as easy prey. Others, though, continue to aim higher – and, as one 21-year-old British hacker and the co-founder of Pirate Bay found out, sometimes get caught for it.

Caught or not, some attacks are starting to resemble bank heists – which has security experts worried. Many data centre providers are seeking to fill in the gaps with strong security nous, but there’s no need to even go out the door to find potential problems: an analysis of 13 popular home and small-office routers found critical security vulnerabilities.

Doubly so in Australia where, a survey found, CIOs feel broadly unprepared to deal with cyber attacks and aren’t always sure about the best ways to clinch security funding. That’s a problem, since the only way is up: a study from HP’s new HP Security Research (HPSR) organisation found that vulnerabilities were up nearly 20% since last year, while DDoS fighter Prolexic released figures suggesting DDoS attacks are up this year in both number and size. Worse still, many customers are finding network security technologies ineffective, according to a new Ponemon Institute report.

Even gaming machines aren’t free from problems, with one gaming-software developer moving to fix some identified flaws. Yet Oracle eclipsed even that number by shipping 128 patches covering security weaknesses across “hundreds” of its products. A new version of Java included 42 security fixes alone, and changed the way Web-based Java content will be presented inside Web browsers, while a new technical security standard is aiming at higher-level applications with an effort to improve supply-chain safety.

Even as the US government prepared to vote on, and eventually passed, the CISPA cyberthreat bill, one of its sponsors created a social-media storm by suggesting many of the opponents to the law are 14-year-olds in their basements.

Whether or not he’s right, basement-bound 14-year-olds might intuitively be able to answer a question answered by more formal research: how much malware is there, really, on free pornography sites? Some sites are remarkably free from the nasties, although one Russian porn site has been delivering malware that uses victims’ computers to mine bitcoins.

Anti-spam efforts scored a small victory after antispam vendor Cloudmark found that gift-card SMS spam had dropped after action by the US Federal Trade Commission against eight companies.

US Secretary of State John Kerry said cyber-defences will be crucial to ensuring security in the Asian region, while EU regulators were paying attention to open DNS resolvers after last month’s Spamhaus DDoS attacks, which EU security agency ENISA pinned on ISPs having ignored decade-old recommendations on limiting false IP traffic.

Meanwhile, Microsoft moved towards optional two-factor authentication and, announcing that browsers are the biggest security threats to enterprises, is developing a new client-side architecture called Embassies, which is designed to improve Web application security using Internet addresses for external communications.

Speaking of browser security: Apple has kept patching its Java version for the popular Snow Leopard operating system, even as it was revealed the next major version of Java – Java 8 – has been pushed back into the first quarter of 2014.


Stories by David Braue
